In a hyperconnected world, passwords are becoming increasingly important.
Throughout the day they are used to access devices, streaming platforms or personal profiles.
Whether it is to enter a computer, cell phone, social networks or even bank accounts, it is necessary to have a password to be able to access almost any website.
But how do you generate a safe enough one?
On many occasions personal information is protected only through a password.
For this reason, when choosing it, it is necessary to meet various requirements.
In principle, it is necessary to use a combination of letters, symbols and numbers that provide sufficient security because, after all, it will serve to protect all kinds of private data.
Long and strong passwords
The US National Institute of Standards and Technology (NIST) published a report on the Digital Identity Guidelines.
The report states that one of the requirements for a password to be secure is its length.
It recommends a password between 8 and 64 characters long and encourages the use of long phrases as passwords.
Others, such as Harvard University, maintain that a strong password must have ten or more characters that combine uppercase letters, at least one lowercase letter, a number (0-9) and a symbol (such as !, # or %).
A good rule of thumb is to use a long phrase that we can remember, like the name of a little-known song, and add capital letters and special characters to it.
Do not use dates for passwords
It seems obvious, but passwords based on your birthday, the day your father was born or the day you got married can be easily cracked through social engineering.
Using dates is almost like giving access away.
Word series
Another tip that professionals repeat often is to use words that apparently have no connection.
That is, creating a long password using a combination of letters that, at first glance, appear to have no connection between them but that may have some kind of personal meaning for the user.
In this way, they say, it can be easily remembered.
The site to check whether the password associated with an email was breached by cybercriminals
There are currently reliable web pages to check whether a password was exposed in a cyber attack.
In Have I Been Pwned, for example, it is possible to know in detail whether the password was breached at some point and on which pages the incident occurred.
At the Latin American level, the "Me Filtraron" site allows us to know if our information is going around online, with the particularity that it has records that are not in Have I Been Pwned.
Minimum requirements
Various experts thus agree on a series of minimum requirements.
Here, Pablo Gagliardo, General Director of Noventiq Argentina, presents 5 tips to create a secure password.
It is important to create passwords that are at least 15 characters long and combine letters, numbers, and symbols.
Passwords should not include simple words or personal data, that is, date of birth, name, surname, or those of any family member.
Use different passwords: it is essential not to recycle them, since if one account is compromised, all will be at risk. Each application must have a different password and, if they are difficult to remember, a password manager must be used.
Constantly changing passwords is an important aspect, but you must keep the length and remember not to repeat them.
Not sharing passwords with anyone is perhaps the most important point: they should not be shared by any means of communication, especially if there is any doubt about the motives for obtaining them.
Where to save a password
The best thing to do, according to experts, is to memorize the password and not share it with anyone.
If it is too complicated, another option is to write it down on paper or use a password manager, some of them free like LastPass, Norton or Bitwarden.
Password managers are an alternative: they allow you to store secure keys through a master key.
In this case, it is crucial to have a second authentication factor active and, if you want to be extremely cautious, have a physical key (such as FIDO).
“It is convenient to use managers, currently there is a wide variety of applications, both free and paid, that make it easy to store different passwords, making sure they stay where they should be. Google Smart Lock, KeePass and Keeper are some of the good options on the market today”, says the expert.
It is worth clarifying, though, that they also represent a risk: LastPass, one of the best known, was hacked twice last year, exposing sensitive user information.
The most used passwords
“A NordPass study revealed which are the most common passwords in the world in 2022. "Password", "123456", "123456789", "guest" and "qwerty" are among the 5 most used, this exposes the little culture of cybersecurity that many still maintain”, recalls Gagliardo.
This is very dangerous, since simple keys take very little time to be "cracked".
Thus, it is true that it can be more uncomfortable to have these security measures (what is known as “friction” in the user experience). But, without a doubt, prevention is always better than cure. Also in the digital world.
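An added example, not part of the original article: a Python check that applies the minimum requirements quoted above (at least 15 characters; letters, numbers and symbols; no dates or personal data) and rejects anything containing the five most used passwords cited from the NordPass study. The function name, the rule labels and the date patterns are assumptions made for illustration.

```python
import re

# The five most used passwords of 2022 named in the article (NordPass study).
COMMON_PASSWORDS = ("password", "123456789", "123456", "guest", "qwerty")
MIN_LENGTH = 15  # minimum length given in the article's tips

# Assumed date shapes (not from the article): 14/02/1990, a lone year
# between 1900 and 2099, or an 8-digit run such as 14021990.
DATE_PATTERNS = (
    re.compile(r"\d{1,2}[/.-]\d{1,2}[/.-]\d{2,4}"),
    re.compile(r"(?<!\d)(?:19|20)\d{2}(?!\d)"),
    re.compile(r"(?<!\d)\d{8}(?!\d)"),
)


def check_password(password, personal_data=()):
    """Return the list of rules the password breaks; an empty list means it passes."""
    problems = []
    lowered = password.lower()
    if len(password) < MIN_LENGTH:
        problems.append("too_short")
    if not any(c.isalpha() for c in password):
        problems.append("no_letter")
    if not any(c.isdigit() for c in password):
        problems.append("no_digit")
    if not any(not c.isalnum() and not c.isspace() for c in password):
        problems.append("no_symbol")
    if any(common in lowered for common in COMMON_PASSWORDS):
        problems.append("contains_common_password")
    if any(p.search(password) for p in DATE_PATTERNS):
        problems.append("contains_date")
    # personal_data: names, surnames, relatives' names supplied by the caller.
    if any(len(item) >= 3 and item.lower() in lowered for item in personal_data):
        problems.append("contains_personal_data")
    return problems


if __name__ == "__main__":
    # Constructed sample passwords, for illustration only.
    for candidate, personal in [
        ("qwerty", ()),
        ("Maria14/02/1990!", ("Maria", "Lopez")),
        ("quiet-Lantern7-orbits-Maple", ("Maria", "Lopez")),
    ]:
        print(candidate, "->", check_password(candidate, personal) or "ok")
```
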